Rework of the document overview:

• Acknowledge and describe the anticipated implementation architectures (deployment models in the SRA)
• Use the SRA as the source of security requirements
• Ensure the specification is when the text is normative, and when it is just informative (e.g, an example related to a subset of implementation architectures)